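def route_admin_users_groups_post(group_id=None, user_id=None):
    """Make the user *user_id* an admin of the group *group_id*.

    Only a superuser may call this. Returns a ``{"msg": ...}`` dict on
    success; every failure path aborts with HTTP 400 (the status code the
    rest of the module uses for authentication/authorization failures).
    """
    current_user = get_current_user()  # type: User
    if not current_user:
        abort(400, "Could not authenticate user with provided token")
    if not current_user.is_active:
        abort(400, "Inactive user")
    # Authorize before touching the database: otherwise any active user can
    # learn which group/user ids exist from the "does not exists" messages.
    if not current_user.is_superuser:
        abort(400, "Not authorized")

    group = db_session.query(Group).filter_by(id=group_id).first()  # type: Group
    if not group:
        abort(400, f"The group with id: {group_id} does not exists")
    user = db_session.query(User).filter(User.id == user_id).first()  # type: User
    if not user:
        abort(400, f"The user with id: {user_id} does not exists")

    # Appending the same user twice may duplicate the association row (or
    # fail on a unique constraint), so make the call idempotent.
    if user not in group.users_admin:
        group.users_admin.append(user)
        db_session.commit()
    return {
        "msg": f"The user with id {user_id} was sucessfully added as an admin of the group with id {group_id}"
    }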
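def route_users_post_open(email=None, password=None, first_name=None, last_name=None, group_id=None):
    """Self-service registration of a new user in group *group_id*.

    Allowed only when ``config.USERS_OPEN_REGISTRATION`` is set (otherwise
    HTTP 403). Returns the freshly committed ``User`` row; every other
    failure aborts with HTTP 400.
    """
    if not config.USERS_OPEN_REGISTRATION:
        abort(403, "Open user resgistration is forbidden on this server")
    # Hashing None raises later and an empty email would be stored as a real
    # account, so reject missing credentials before touching the database.
    if not email or not password:
        abort(400, "Both email and password are required")

    if db_session.query(User).filter(User.email == email).first():
        abort(400, f"The user with this email already exists in the system: {email}")
    group = db_session.query(Group).filter(Group.id == group_id).first()
    if group is None:
        abort(400, f'There is no group with id: "{group_id}"')
    # NOTE(review): the existence check is not atomic with the insert below; a
    # unique constraint on User.email is what really prevents duplicates.
    # NOTE(review): the caller picks its own group id here — confirm that every
    # group is acceptable for self-registered accounts.
    user = User(
        email=email,
        password=pwd_context.hash(password),
        first_name=first_name,
        last_name=last_name,
        group=group,
    )
    db_session.add(user)
    db_session.commit()
    db_session.refresh(user)
    return user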
def route_users_id_get(user_id):
    """Return the ``User`` row *user_id*.

    The caller must be a superuser or an admin of the target user's group;
    anything else aborts with HTTP 400.
    NOTE(review): the existence lookup runs before the authorization check,
    so the two different 400 messages let a non-admin tell valid ids from
    invalid ones — consider a uniform response if that matters here.
    """
    current_user = get_current_user()  # type: User
    if not current_user:
        abort(400, "Could not authenticate user with provided token")
    if not current_user.is_active:
        abort(400, "Inactive user")

    user = db_session.query(User).filter(User.id == user_id).first()  # type: User
    if not user:
        abort(400, f"The user with id: {user_id} does not exists")

    # Short-circuit: a superuser never needs the group-admin membership test.
    allowed = current_user.is_superuser or user.group in current_user.groups_admin
    if not allowed:
        abort(400, "Not authorized")
    return user
def route_groups_get():
    """Return the groups visible to the caller.

    Superusers get every group, group admins get the groups they administer,
    and everybody else gets only their own group as a one-element list.
    """
    current_user = get_current_user()  # type: User
    if not current_user:
        abort(400, "Could not authenticate user with provided token")
    if not current_user.is_active:
        abort(400, "Inactive user")

    if current_user.is_superuser:
        return db_session.query(Group).all()
    admin_groups = current_user.groups_admin
    if admin_groups:
        # Copy into a plain list so the relationship collection is not handed
        # out directly.
        return list(admin_groups)
    return [current_user.group]
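def route_users_post(email=None, password=None, first_name=None, last_name=None, group_id=None):
    """Create a user in group *group_id* on behalf of a superuser.

    Returns the freshly committed ``User`` row; every failure path aborts
    with HTTP 400 (the status code the rest of the module uses).
    """
    current_user = get_current_user()
    if not current_user:
        abort(400, "Could not authenticate user with provided token")
    if not current_user.is_active:
        abort(400, "Inactive user")
    if not current_user.is_superuser:
        abort(400, "Only a superuser can execute this action")
    # Hashing None raises later and an empty email would be stored as a real
    # account, so reject missing credentials before touching the database.
    if not email or not password:
        abort(400, "Both email and password are required")

    if db_session.query(User).filter(User.email == email).first():
        abort(400, f"The user with this email already exists in the system: {email}")
    group = db_session.query(Group).filter(Group.id == group_id).first()
    if group is None:
        abort(400, f'There is no group with id: "{group_id}"')
    # NOTE(review): the existence check is not atomic with the insert below; a
    # unique constraint on User.email is what really prevents duplicates.
    user = User(
        email=email,
        password=pwd_context.hash(password),
        first_name=first_name,
        last_name=last_name,
        group=group,
    )
    db_session.add(user)
    db_session.commit()
    db_session.refresh(user)
    return user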
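def route_login_access_token(username, password):
    """Exchange an email/password pair for a bearer access token.

    *username* is matched against ``User.email``. Unknown account, wrong
    password and inactive account all abort with HTTP 400; the first two
    share one message so the response body does not reveal which it was.
    Returns ``{"access_token": ..., "token_type": "bearer"}``.
    """
    user = db_session.query(User).filter(User.email == username).first()
    if user is None:
        # The original short-circuit skipped the (slow) hash when the account
        # did not exist, which made unknown emails distinguishable by response
        # time. Burn comparable hashing work before rejecting.
        pwd_context.hash(password or "")
        abort(400, "Incorrect email or password")
    if not pwd_context.verify(password, user.password):
        abort(400, "Incorrect email or password")
    if not user.is_active:
        abort(400, "Inactive user")

    access_token_expires = timedelta(minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES)
    return {
        "access_token": create_access_token(identity=user.id, expires_delta=access_token_expires),
        "token_type": "bearer",
    }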
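def route_groups_post(name=None):
    """Create a new group called *name* (superuser only).

    Returns the committed ``Group`` row; every failure path aborts with
    HTTP 400.
    """
    current_user = get_current_user()
    if not current_user:
        abort(400, "Could not authenticate user with provided token")
    if not current_user.is_active:
        abort(400, "Inactive user")
    if not current_user.is_superuser:
        abort(400, "Not a superuser")
    # Without this a request with no name would create a group whose name is
    # None (the "already exists" lookup matches nothing for None).
    if not name:
        abort(400, "A group name is required")

    if db_session.query(Group).filter(Group.name == name).first():
        abort(400, f"The group: {name} already exists in the system")
    group = Group(name=name)
    db_session.add(group)
    db_session.commit()
    return group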
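def route_users_get():
    """Return the users the caller is allowed to see.

    Superusers get every user, group admins get the members of the groups
    they administer, and everybody else gets a one-element list holding
    their own row.
    NOTE(review): ``User`` rows carry the ``password`` hash column; confirm
    the response schema that serializes this list excludes it.
    """
    current_user = get_current_user()
    if not current_user:
        abort(400, "Could not authenticate user with provided token")
    if not current_user.is_active:
        abort(400, "Inactive user")

    if current_user.is_superuser:
        return db_session.query(User).all()
    if current_user.groups_admin:
        # A user belonging to several administered groups was previously
        # listed once per group; keep first-seen order but drop repeats.
        seen_ids = set()
        users = []
        for group in current_user.groups_admin:
            for member in group.users:
                if member.id not in seen_ids:
                    seen_ids.add(member.id)
                    users.append(member)
        return users
    return [current_user]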
def get_current_user(identity):
    """Fetch the ``User`` whose primary key is *identity*, or ``None``.

    NOTE(review): the route handlers in this file call ``get_current_user()``
    with no argument, which does not match this signature — confirm which
    definition is the live one (the call sites may rely on a wrapper that
    supplies the identity from the token).
    """
    by_id = db_session.query(User).filter_by(id=identity)
    return by_id.first()